OpenCloud
/
mastodon
mirror of https://github.com/tootsuite/mastodon
1
1
Fork 0
Code Issues Releases Wiki Activity
mastodon/config
History
Sorin Davidoi 6f3d934bc1 feat(cookies): Use the same-site attribute to lax (#8626) 
CSFR-prevention is already implemented but adding this doesn't hurt.

A brief introduction to Same-Site cookies (and the difference between strict and
lax) can be found at
https://blog.mozilla.org/security/2018/04/24/same-site-cookies-in-firefox-60/

TLDR: We use lax since we want the cookies to be sent when the user navigates
safely from an external site.
 		2018-09-08 23:54:28 +02:00
..
environments
initializers feat(cookies): Use the same-site attribute to lax (#8626) 2018-09-08 23:54:28 +02:00
locales Weblate translations (2018-09-02) (#8582) 2018-09-02 22:31:35 +02:00
webpack
application.rb Add Czech language option and locale data (#8594) 2018-09-05 08:50:06 +09:00
boot.rb
brakeman.ignore
database.yml
deploy.rb
environment.rb
i18n-tasks.yml
navigation.rb
puma.rb
routes.rb Redirect from old authorize_follow path (#8584) 2018-09-03 00:10:28 +02:00
secrets.yml
settings.yml
sidekiq.yml
themes.yml
webpacker.yml